This section provides any information required when installing the minidrivers or middleware for the smart cards or configuring the smart cards through their minidriver, middleware or through MyID.
You must configure SafeNet Authentication Client (SAC) 10.7 separately for Minidriver and SafeNet eToken support.
You can configure the SAC 10.7 middleware using the SAC Customization Package, obtained from Gemalto.
For eToken devices, use the following settings:
For minidriver-based devices, use the following settings:
You must install the SafeNet Authentication Client middleware in Standard mode (that is, not the BSec-compatible mode). Standard mode is the first option that is presented when you run the middleware installer.
When you set up the SafeNet client tools, you must set the complexity requirement option to None . This option may be labeled Must meet complexity requirements or Password Complexity , depending on the version of the middleware you are using.
Initialization of SafeNet eToken 5100, 5110, 5110 FIPS and 5110+ credentials is protected using an initialization key. Unless the customer has requested a diversified factory initialization key, the tokens are shipped from the factory with a default key, which is already configured in MyID.
To secure the tokens after issuance, use the Key Manager workflow to configure a customer initialization key:
You can configure the rest of the values as required.
If the tokens were ordered with a diversified Factory key, use the same procedure, except for the Key Type , select Factory instead of Customer.
When you first issue a smart card, you may be prompted by the SafeNet middleware to change your password. Click Cancel to continue without changing the password.
Also, if you select the Token Password must be changed on first logon option when performing a challenge/response unlock, when the user logs in to MyID with the unlocked card, they will be prompted to change the PIN. To avoid this, deselect the Token Password must be changed on first logon option when unlocking the smart card.
You must make sure that you have set the credential profile to use the same settings as the SafeNet Authentication Client installation. Check the SafeNet middleware to ensure that the values you use are correct.
If you do not use the same settings in the credential profile and the SafeNet client installation, you will experience an error similar to the following:
Initialize Error
Cause: Invalid PIN
Solution: Please enter a new PIN.
-2147220729 Exception thrown: class CCardException
Error: 0x80040307 : You entered an incorrect pass phrase or PIN
PKCS Error: 0x00000020 Data invalid
To set the credential profile properties:
For information on issuing smart cards that have PIV applets using a non-PIV MyID system, see section 2.12 , Issuing smart cards that have PIV applets .
MyID 11.4.0 documentation, December 2019 – Copyright © 2001- 2019 Intercede Limited. All rights reserved.